//install SEC
yum install sec
//edit sec conf file and add the input file
vim /etc/sysconfig/sec
//add haproxy.sec file in /etc/sec/
# SEC - Simple Event Correlator Configuration File
#
# Author: Steve Moitozo <god <> zilla <> us>
# Created: 20070304
# Description:
# SEC is being used for real-time notification of
# web server failure events. When HAProxy recognizes
# a server failure it writes information about the
# failure to its log file. SEC monitors the log file
# looking for certain events and sends notification
# e-mails to administrators
#
# match on a line like this:
# Server http_proxy/www0 is DOWN. 0 active and 2 backup servers left. Running on backup. 0 sessions active, 0 requeued, 0 remaining in queue.
# Take the name of the instance (http_proxy/www0) and put it in $1
# Take the server status (DOWN or UP) and put it in $2
# Take the rest of the line and put it in $3
#
type=Single
ptype=RegExp
pattern=Server\s+(\S+)\s+\S+\s+(\S+)(.*)
desc=$0
action=pipe '%t server $1 went $2 $3' /bin/mail -s 'HAProxy: $1 went $2' user@mail.com
//start sec
service sec start
yum install sec
//edit sec conf file and add the input file
vim /etc/sysconfig/sec
//add haproxy.sec file in /etc/sec/
# SEC - Simple Event Correlator Configuration File
#
# Author: Steve Moitozo <god <> zilla <> us>
# Created: 20070304
# Description:
# SEC is being used for real-time notification of
# web server failure events. When HAProxy recognizes
# a server failure it writes information about the
# failure to its log file. SEC monitors the log file
# looking for certain events and sends notification
# e-mails to administrators
#
# match on a line like this:
# Server http_proxy/www0 is DOWN. 0 active and 2 backup servers left. Running on backup. 0 sessions active, 0 requeued, 0 remaining in queue.
# Take the name of the instance (http_proxy/www0) and put it in $1
# Take the server status (DOWN or UP) and put it in $2
# Take the rest of the line and put it in $3
#
type=Single
ptype=RegExp
pattern=Server\s+(\S+)\s+\S+\s+(\S+)(.*)
desc=$0
action=pipe '%t server $1 went $2 $3' /bin/mail -s 'HAProxy: $1 went $2' user@mail.com
//start sec
service sec start
//additionally sec can be started with
/usr/bin/sec --conf=/etc/sec/sshd.rules --input=/var/log/secure
No comments:
Post a Comment